-
Notifications
You must be signed in to change notification settings - Fork 38
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Have Renovate file GitHub CodeQL upgrade PRs once every four weeks #745
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
⏰
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The suggested commit message should also mention setup-ruby
? 🤔
LGTM otherwise!
.renovaterc.json
Outdated
"matchDepNames": ["github/codeql-action"], | ||
"matchPackagePatterns": [ | ||
"^ruby\\/setup-ruby$" | ||
], |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Two questions:
- These rules are disjunctive (either, but not both need to match)?
- Since
ruby/setup-ruby
is also a GitHub action, can it also be specified usingmatchDepNames
(or, if we want to consistently keep usingmatchPackagePatterns
, cangithub/codeql-action
be also expressed as such)?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- Yes, for example; it opened the CodeQL PR while the PSM is already up-to-date (in my local testing setup).
- I see there is no entry for Ruby yet in our config, so I can file a PR there to add it.
(I was wondering why we didn't get any updates, but we are still on the latest: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Verified with local testing that the depName
is ruby/setup-ruby
😄.
Added a commit to use the deps in a similar way.
Suggested commit message:
|
9b2b64f
to
47e4bde
Compare
Looks good. No mutations were possible for these changes. |
1 similar comment
Looks good. No mutations were possible for these changes. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice!
47e4bde
to
354317d
Compare
Rebased, will merge once 🍏! |
Kudos, SonarCloud Quality Gate passed! |
Looks good. No mutations were possible for these changes. |
As discussed here.